Quantum principles are set to transform the next generation of Internet security, with new quantum-based technologies on tap to improve encryption and data communication which researchers believe could solve some of the limitations with current technology.
Security researchers in the United Kingdom are among those leading the move toward quantum security with two separate approaches that both leverage cutting-edge quantum principles.
One comes from researchers from Lancaster University, who have spun off a company called Quantum Base that claims to have developed a true random number generator to strengthen current encryption techniques.
The other is an effort from the University of York researchers that uses quantum mechanics in a novel way to distribute information more securely across communication lines to prevent common security breaches.
Indeed, the principles of quantum mechanics–a fundamental theory in physics to describe nature at the atomic and subatomic level–are beginning to find their way into security as attacks become more sophisticated and better able to find their way around traditional, computer-based security methods.
Making ‘random’ even more random
Formed by Lancaster University’s Professor Robert Young and technology-industry veteran Phillip Speed, Quantum Base has developed what its founders claim is the “first practical quantum random number generator (QRNG) for use in electronic devices.”
Cryptography and other types of online security depend on RNG technology, but in reality, the numbers chosen by these generators aren’t always as random as those using the technology might hope.
“Random numbers underpin a surprising amount of modern society, but unfortunately both humans and computers alike are poor at generating random numbers,” according to the Quantum Base website. “Thankfully, quantum physics is inherently random and researchers from Lancaster University, in collaboration with Quantum Base, have developed a simple solution to this important problem.”
That solution is a QRNG that is both high-speed and low-cost and can be embedded within any electronic device without increasing its complexity, the company said. While QRNGs already do exist, right now they are typically slow and expensive, and so not widely used.
The device the company’s designed is nano-sized–a thousandth the width of a human hair–and it uses a single diode that can be fabricated together with the other billions of diodes to create a microprocessor for use in existing and new microelectronic devices, the company said.
Quantum Base is making some bold claims about the technology, claiming “it will overcome the weaknesses of current encryption, allow Blockchain to be implemented with unbreakable quantum security, and will be vital in sensitive areas such as banking, finance, defense and social media.”
Meanwhile, in another part of the United Kingdom, scientists at the University of York also are experimenting with quantum mechanics as a way to improve security, this time to protect data as it moves between lines of communication.
Researchers there have come up with what they claim is a way to permanently secure encrypted information by distributing it differently along communication lines to prevent certain types of attacks on encrypted data.
‘Detector-independent’ security design
One way hackers can attack a device and intercept information is to jam the detectors that are used to collect and measure the photons that carry information, explained Cosmo Lupo, a professor in the University of York’s Department of Computer Science
“Such an attack is powerful because we assume that a given device works according to its technical specifications and will therefore perform its job,” he said. “If a hacker is able to attack a detector and change the way it works, then the security is unavoidably compromised.”
His team designed what they call a “detector-independent” architecture, putting an untrusted detector at a separate point in the communications–somewhere between the sender and receiver–to provide far better security.
This new detector would receive a combination of two signals–one from the sender and one from the receiver–and only have the ability to read the result of this combined signal, but not its component parts.
The team not only developed mathematical proof that this design creates better security, but also have in mind a scheme for implementing it that’s compatible with existing optical-fiber communication networks, Lupo said.
“In principle our proposal can allow for the exchange of unbreakable codes across the Internet without major changes in the actual infrastructure,” he said.